Software programs, such as operating systems, firmware, and applications, are prone to security flaws. These flaws, although initially hidden or unidentified, may eventually be identified, and become widely known. In order to fix these security flaws and/or fix other problems, such as compatibility issues, software programs may be updated through patches or upgrades.
However, even after a software program has been patched to fix a security flaw, malicious attackers may attempt to take advantage of security flaws in an older version through a “rollback attack.” In a rollback attack, a malicious attacker attempts to install an older version of a software program with known security vulnerabilities. If the older version is successfully installed and executed, then the attacker may capitalize on the known security vulnerabilities.